Nginx 配置
server {
listen 80;
server_name 173.249.40.xxx;
root /var/www/files.com/html;
index index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
location /securetest {
alias /var/www/files.com/html;
secure_link $arg_md5,$arg_expires;
secure_link_md5 "$secure_link_expires$uri$remote_addr the_secret_key_configured_in_nginx";
if ($secure_link = "") { return 403; }
if ($secure_link = "0") { return 410; }
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
PHP 文件
function buildSecureLink($baseUrl, $path, $secret, $ttl, $userIp)
{
$expires = time() + $ttl;
$md5 = md5("$expires$path$userIp $secret", true);
$md5 = base64_encode($md5);
$md5 = strtr($md5, '+/', '-_');
$md5 = str_replace('=', '', $md5);
return $baseUrl . $path . '?md5=' . $md5 . '&expires=' . $expires;
}
$secret = 'the_secret_key_configured_in_nginx';
$baseUrl = 'http://173.249.40.xxx';
$path = '/securetest/'.$filename;
$ttl = 120; //no of seconds this link is active
$userIp = '39.47.109.140';
$secure_Link_created = buildSecureLink($baseUrl, $path, $secret, $ttl, $userIp);
redirect($secure_Link_created);
问题是,当我写下确切的文件路径时,每个人都可以访问该文件,而我想要的是,该链接只能由我的网站访问。访问该文件的 URL 是什么?我也对此感到困惑。
http://173.249.40.xxx/nj_folder/myfile.zip
或者
http://173.249.40.xxx/securetest/myfile.zip
当我尝试使用 securetest URL 访问文件时,出现 404 错误。重定向代码也创建了链接,但对每个人都有效,并且具有准确的完整路径。http://173.249.40.xxx/nj_folder/myfile.zip?md5=NajZUYdhb5z6hXZ6O-9nKQ&expires=1522343848
完整路径应该被隐藏,我遗漏了什么?请详细解释一下。
谢谢